FR3059120B1 - METHOD AND SYSTEM FOR DETECTING VULNERABILITY OF AN ONBOARD DEVICE - Google Patents
METHOD AND SYSTEM FOR DETECTING VULNERABILITY OF AN ONBOARD DEVICE Download PDFInfo
- Publication number
- FR3059120B1 FR3059120B1 FR1661298A FR1661298A FR3059120B1 FR 3059120 B1 FR3059120 B1 FR 3059120B1 FR 1661298 A FR1661298 A FR 1661298A FR 1661298 A FR1661298 A FR 1661298A FR 3059120 B1 FR3059120 B1 FR 3059120B1
- Authority
- FR
- France
- Prior art keywords
- current
- challenge
- message
- score
- vulnerability
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Data Mining & Analysis (AREA)
- Medical Informatics (AREA)
- Evolutionary Computation (AREA)
- Mathematical Physics (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Artificial Intelligence (AREA)
- Computational Linguistics (AREA)
- Databases & Information Systems (AREA)
- Debugging And Monitoring (AREA)
- Stored Programmes (AREA)
Abstract
L'invention concerne un procédé et un système de détection de vulnérabilité d'un dispositif embarqué, dit cible d'évaluation, comportant : - un générateur (3) de challenge configuré pour générer un message de challenge courant adapté pour tester la vulnérabilité de ladite cible (13) d'évaluation, - un injecteur (5) de challenge configuré pour injecter ledit message de challenge courant dans ladite cible (13) d'évaluation, - un module de mesure (7) configuré pour mesurer à travers un canal auxiliaire un signal de fuite relatif à une réaction de la cible (13) d'évaluation à ladite injection du message de challenge courant, - un analyseur (7) de signaux configuré pour analyser ledit signal de fuite et pour produire un profil courant représentatif dudit message de challenge courant, et - un calculateur (11) de score configuré pour attribuer un score courant au message de challenge courant en fonction du profil courant et pour envoyer ledit score courant au générateur (3) de challenge qui est adapté pour régénérer un nouveau message de challenge sur la base dudit score courant.The invention relates to a method and system for detecting the vulnerability of an on-board device, referred to as an evaluation target, comprising: a challenge generator (3) configured to generate a current challenge message adapted to test the vulnerability of said target (13) evaluation, - a challenge injector (5) configured to inject said current challenge message into said evaluation target (13), - a measurement module (7) configured to measure through an auxiliary channel a leakage signal relating to a reaction of the evaluation target (13) to said injection of the current challenge message; - a signal analyzer (7) configured to analyze said leakage signal and to produce a current profile representative of said message current challenge, and - a score calculator (11) configured to assign a current score to the current challenge message according to the current profile and to send said current score to the current challenge tor (3) challenge which is adapted to regenerate a new challenge message based on said current score.
Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| FR1661298A FR3059120B1 (en) | 2016-11-21 | 2016-11-21 | METHOD AND SYSTEM FOR DETECTING VULNERABILITY OF AN ONBOARD DEVICE |
| US15/816,272 US10803179B2 (en) | 2016-11-21 | 2017-11-17 | Method and system for detecting the vulnerability of an onboard device |
| EP17202811.0A EP3324326B1 (en) | 2016-11-21 | 2017-11-21 | Method and system for detecting the vulnerability of a vehicle-mounted device |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| FR1661298A FR3059120B1 (en) | 2016-11-21 | 2016-11-21 | METHOD AND SYSTEM FOR DETECTING VULNERABILITY OF AN ONBOARD DEVICE |
| FR1661298 | 2016-11-21 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| FR3059120A1 FR3059120A1 (en) | 2018-05-25 |
| FR3059120B1 true FR3059120B1 (en) | 2019-05-10 |
Family
ID=58455126
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| FR1661298A Expired - Fee Related FR3059120B1 (en) | 2016-11-21 | 2016-11-21 | METHOD AND SYSTEM FOR DETECTING VULNERABILITY OF AN ONBOARD DEVICE |
Country Status (3)
| Country | Link |
|---|---|
| US (1) | US10803179B2 (en) |
| EP (1) | EP3324326B1 (en) |
| FR (1) | FR3059120B1 (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113392402B (en) * | 2021-05-24 | 2022-08-05 | 国网湖北省电力有限公司电力科学研究院 | A system and method for vulnerability detection of power Internet of Things protocol based on fuzzing |
| CN113239097B (en) * | 2021-07-13 | 2021-12-10 | 国网江西省电力有限公司电力科学研究院 | A method and system for analyzing potential safety hazards of electric leakage in platform area |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100058475A1 (en) * | 2008-08-26 | 2010-03-04 | Nec Laboratories America, Inc. | Feedback-guided fuzz testing for learning inputs of coma |
| US9015667B2 (en) * | 2010-10-06 | 2015-04-21 | Microsoft Technology Licensing, Llc | Fuzz testing of asynchronous program code |
| US9898388B2 (en) * | 2014-05-23 | 2018-02-20 | Mentor Graphics Corporation | Non-intrusive software verification |
| US9432394B1 (en) * | 2015-03-16 | 2016-08-30 | Ixia | Methods, systems, and computer readable media for converging on network protocol stack vulnerabilities using fuzzing variables, vulnerability ratings and progressive convergence |
-
2016
- 2016-11-21 FR FR1661298A patent/FR3059120B1/en not_active Expired - Fee Related
-
2017
- 2017-11-17 US US15/816,272 patent/US10803179B2/en active Active
- 2017-11-21 EP EP17202811.0A patent/EP3324326B1/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| US20180144141A1 (en) | 2018-05-24 |
| FR3059120A1 (en) | 2018-05-25 |
| EP3324326B1 (en) | 2020-09-23 |
| US10803179B2 (en) | 2020-10-13 |
| EP3324326A1 (en) | 2018-05-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3797304C0 (en) | SYSTEM AND METHOD FOR MONITORING AN OPERATING CONDITION OF AN OPERATING ELECTRICAL DEVICE | |
| US9909949B2 (en) | Leakage determination method, leakage determination system, and program | |
| DE502008003347D1 (en) | Smoke detection by means of two spectrally different scattered light measurements | |
| BR112018014352A2 (en) | system and method for monitoring and diagnosing transformer and diagnostic device integrity | |
| AR101284A1 (en) | CEPSTRAL ANALYSIS ON THE STATE OF THE PUMPING EQUIPMENT OF AN OIL FIELD | |
| EA201792272A1 (en) | METHOD AND DEVICE FOR MONITORING THE CONDITION OF A MOVING OBJECT AND QUICKLY VERIFICATION OF A VEHICLE | |
| RU2014138423A (en) | TRANSPORT NETWORK INFRASTRUCTURE MONITORING | |
| NZ614201A (en) | Diagnostic devices and related methods | |
| FR3059120B1 (en) | METHOD AND SYSTEM FOR DETECTING VULNERABILITY OF AN ONBOARD DEVICE | |
| WO2009056709A3 (en) | Device for the centralized management of measurements and data relating to the liquid and gas flows needed for the operation of a combustion engine | |
| FR3101154B1 (en) | Partial discharge monitoring system in electrical equipment via gaseous emissions | |
| RU2012139824A (en) | METHOD AND DEVICE FOR CORRECTION OF MEASUREMENT OF GAS FLOW PRESSURE, CIRCULATING IN THE AIRCRAFT ENGINE | |
| FR3080915B1 (en) | LEAK DETECTION MODULE AND METHOD FOR CHECKING THE SEALING OF AN OBJECT TO BE TESTED BY TRACER GAS | |
| EP3588387C0 (en) | METHOD FOR TESTING AN ELECTRONIC AIR TRAFFIC CONTROL SYSTEM, ASSOCIATED ELECTRONIC DEVICE AND PLATFORM | |
| FR3099830B1 (en) | Method and system for monitoring a cable network, by principal component analysis | |
| FR3035150B1 (en) | METHOD, SYSTEM AND APPARATUS FOR DETECTING A CLOSURE TIME OF AN INJECTOR | |
| KR101356176B1 (en) | Method and system for measuring engine oil deterioration | |
| EP4113369A4 (en) | MODULE, APPARATUS, SYSTEM AND METHOD FOR DETECTING THE SIGN OF LIFE | |
| FR3079497B1 (en) | DETECTION OF ICING CONDITIONS FOR AN AIRCRAFT BY ANALYSIS OF ELECTRIC CURRENT CONSUMPTION | |
| CN104865375B (en) | The method and device of position is measured in the debugging of reaction cup | |
| RU2597034C1 (en) | Method of detecting explosive charge blasting contained in test object, and explosion delay from the moment of the test object contact with obstacle and device for its implementation | |
| CN111373257B (en) | Method and testing device for testing a gas sensor, and system comprising a gas sensor and a testing device | |
| FR3095641B1 (en) | device for testing an avionics function, aircraft, associated method and computer program | |
| TR201814812A2 (en) | PERFORMANCE MEASUREMENT PROCESS | |
| FR3013843B1 (en) | DEVICE AND METHOD FOR DETERMINING THE PRESENCE OF DEGRADATION OR SOIL ON A DOPPLER LASER ANEMOMETRY PROBE HALLOT |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PLFP | Fee payment |
Year of fee payment: 2 |
|
| PLSC | Publication of the preliminary search report |
Effective date: 20180525 |
|
| PLFP | Fee payment |
Year of fee payment: 4 |
|
| PLFP | Fee payment |
Year of fee payment: 5 |
|
| ST | Notification of lapse |
Effective date: 20220705 |